A Data Firm Was Tracking People Who Visited Abortion Clinics and Selling the Data

Update: SafeGraph has now stopped selling the location data of people who visited abortion-providing clinics, reports Motherboard.

In a blog post since published on SafeGraph’s website, Auren Hoffman, SafeGraph’s CEO, wrote: “In light of potential federal changes in family planning access, we’re removing Patterns data for locations classified as NAICS code 621410 (‘Family Planning Centers’) from our self-serve ‘shop’ and API to curtail any potential misuse of its data.”

Less than 24 hours after POLITICO reported that the Supreme Court is likely to overturn Roe v. Wade, VICE’s tech reporting arm, Motherboard, reported that a location data firm had been selling the private information of people visiting abortion-providing clinics, including Planned Parenthood facilities.

SafeGraph, the data company at the center of the report, not only obtained the location people visiting the clinics came from, but how long they stayed there—and even more disturbingly, where they went after leaving. Despite the fact that it’s undoubtedly a breach of privacy, the company considered Planned Parenthood a “brand,” meaning it could legally track its data, regardless of how unethical it is.

To aid in the investigation, Motherboard purchased a week of location data from SafeGraph for just over $160 last month. There are currently more than 600 Planned Parenthood locations in the United States, and while not every facility performs abortion services, Motherboard confirmed that a number of the facilities included in the dataset they purchased do. Additionally, data for “Family Planning Centers” were also able to be purchased via SafeGraph.

“It’s bonkers dangerous to have abortion clinics and then let someone buy the census tracks where people are coming from to visit that abortion clinic,” Zach Edwards, a cybersecurity researcher told Motherboard. “This is how you dox someone traveling across state lines for abortions—how you dox clinics providing this service.”

How does SafeGraph do it? App developers install code called software development kits (SDKs) into apps as unassuming as the weather app and, in exchange for payment, send users’ location data—in many cases, unknowingly—to companies like SafeGraph.

Considering citizen surveillance has become all the more common in recent years due in part to legislation like Senate Bill 8 in Texas, a near-total abortion ban enforced by people policing each other, this recent data collection is exceptionally worrisome. Anti-abortion advocacy groups have proven to be particularly adept at targeting people seeking abortion care. Last year, Jezebel reported that Texas Right to Life launched a hotline for citizens to submit tips about they suspected to be seeking or helping people seek abortions, and also that anti-abortion groups were utilizing fertility apps that track people’s periods and mobile geo-fencing technology to target patients at abortion clinics or en route to one with anti-abortion propaganda ads.

If Roe is struck down, trigger laws in at least 13 states will immediately fully or partly ban abortion. And in the wake of any formal SCOTUS ruling, it’s quite likely we’ll see even more of a boost in surveillance—and in more states than Texas—thanks to platforms like SafeGraph.

Basically, not only are abortion rights imperiled in this country, but any remaining semblance of privacy is, too.